package com.isoftstone.plugin.shiro;



import com.isoftstone.common.base.SessionManager;
import com.isoftstone.common.entity.SysMenu;
import com.isoftstone.common.entity.SysRole;
import com.isoftstone.common.entity.SysUser;
import com.isoftstone.common.service.ISysMenuService;
import com.isoftstone.common.service.ISysUserRoleService;
import com.isoftstone.common.service.ISysUserService;
import com.isoftstone.merchant.service.operator.IMOperatorService;
import com.isoftstone.util.Const;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;


/**
 *
 */
public class ShiroRealm extends AuthorizingRealm {


	@Autowired
	ISysUserService userService;

	@Autowired
	ISysMenuService sysMenuService;

	@Autowired
	ISysUserRoleService sysUserRoleService;

	@Autowired
	IMOperatorService mOperatorService;

	/*
     * 登录信息和用户验证信息验证(non-Javadoc)
     * @see org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)
     */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token=  (UsernamePasswordToken)authcToken;
		String host = token.getHost();
		//System.out.println("host = " + host);



		SysUser user = null;
//		BankMerchantOperator user;
		try {
			user = userService.getUserByUserName(token.getUsername());
		} catch (Exception e) {
			e.printStackTrace();
			throw new UnknownAccountException();
		}
		SimpleAuthenticationInfo info = null;
		if(null != user){

			info =  new SimpleAuthenticationInfo(token.getUsername(),user.getPassword(), getName());
			Session session = SecurityUtils.getSubject().getSession();

			session.setAttribute(Const.SESSION_USER, user);
			//把用户信息放session中

		}else{
			throw new UnknownAccountException();
		}
		return info;
	}


	/*
	 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用,负责在应用程序中决定用户的访问控制的方法(non-Javadoc)
	 * @see org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals){

		SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) principals;
		List<Object> listPrincipals = principalCollection.asList();
		String username = (String)principalCollection.getPrimaryPrincipal();
		SysUser user = ((com.isoftstone.common.entity.SysUser) SessionManager.getSession().getAttribute(Const.SESSION_USER));
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		try {
			List<SysRole> roleList = sysUserRoleService.getRolesByUserId(user.getUserid());
			List<SysMenu> menus = sysMenuService.getMenuByUserId(user.getUserid());
			String type="01";
			//超级管理员
			List<SysMenu> supermenus = sysMenuService.getMenuByUserType(type);
			if(StringUtils.equals(user.getType(),"01")){
				for (SysMenu supermenu : supermenus) {
					if (supermenu!=null){
						authorizationInfo.addStringPermission(supermenu.getPermission());
					}
				}

			}
			for (SysMenu menu : menus) {
				if(menu != null){
					if(StringUtils.isNotBlank(menu.getPermission())){
						authorizationInfo.addStringPermission(menu.getPermission());
					}
				}

			}

			for (SysRole sysRole : roleList) {
				authorizationInfo.addRole(sysRole.getRoleCode());
			}

		} catch (Exception e) {
			e.printStackTrace();
		}

		return authorizationInfo;
	}

}
